diff --git a/.github/dependabot.yml b/.github/dependabot.yml deleted file mode 100644 index b3fa1e0..0000000 --- a/.github/dependabot.yml +++ /dev/null @@ -1,12 +0,0 @@ -version: 2 -updates: - - package-ecosystem: github-actions - directory: "/" - schedule: - interval: daily - time: "04:00" - reviewers: - - "waja" - pull-request-branch-name: - separator: "-" - open-pull-requests-limit: 10 diff --git a/.github/workflows/packaging_test.yml b/.github/workflows/packaging_test.yml deleted file mode 100644 index c478ef5..0000000 --- a/.github/workflows/packaging_test.yml +++ /dev/null @@ -1,36 +0,0 @@ -name: Packaging Test - -on: - push: - branches: - - $default-branch - - development - - master - # Run tests for any PRs - pull_request: - -env: - SOURCE_DIR: ./ - ARTIFACTS_DIR: debian/build/release/ - -jobs: - test: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - env: - DEBIAN_FRONTEND: "noninteractive" - - name: Remove github artefacts - run: | - rm -rf .github* - - name: Adjust distibution in changelog file - run: | - sed -i '0,/restricted/s//stable/' debian/changelog - - name: Build Debian package - uses: dawidd6/action-debian-package@v1.5.0 - with: - artifacts_directory: debian/build/release/ - os_distribution: testing - - name: Debug - run: | - ls -la diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml deleted file mode 100644 index f384f5e..0000000 --- a/.github/workflows/release.yml +++ /dev/null @@ -1,71 +0,0 @@ -on: - push: - # Sequence of patterns matched against refs/tags - tags: - - 'debian/*' # Push events to matching debian/*, i.e. debian/1.0-2, debian/20.15.10, debian/23.20020326 - -name: Release Process - -env: - SOURCE_DIR: ./ - ARTIFACTS_DIR: debian/build/release/ - -jobs: - create-release: - name: Create Release - runs-on: ubuntu-latest - outputs: - release-id: ${{ steps.create_release.outputs.id }} - steps: - - name: Checkout code - uses: actions/checkout@v4 - - name: Install needed packages - run: | - if [ $(dpkg -l | grep -c dpkg-dev) -ne 1 ]; then sudo apt-get update && sudo apt-get install -y dpkg-dev; fi - - name: Gather changelog - run: | - ls -la - dpkg-parsechangelog | tail -n +9 > debian.changelog - - name: Create Release - id: create_release - uses: actions/create-release@v1 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token - with: - tag_name: ${{ github.ref }} - release_name: Release ${{ github.ref }} - body_path: debian.changelog - draft: false - prerelease: false - - build: - name: Build and upload packages - needs: create-release - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - env: - DEBIAN_FRONTEND: "noninteractive" - - name: Remove github artefacts - run: | - rm -rf .github* - - name: Adjust distibution in changelog file - run: | - sed -i '0,/restricted/s//stable/' debian/changelog - - name: Build Debian package - uses: dawidd6/action-debian-package@v1.5.0 - with: - artifacts_directory: debian/build/release/ - os_distribution: testing -# - name: Build Debian package -# uses: pi-top/action-debian-package@v0.2.0 -# with: -# artifacts_directory: debian/build/release/ -# target_architectures: "amd64,i386" - - name: Upload the artifacts - uses: skx/github-action-publish-binaries@release-2.0 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - releaseId: ${{ needs.create-release.outputs.release-id }} - args: debian/build/release/* diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index fcf0af0..0000000 --- a/.travis.yml +++ /dev/null @@ -1,32 +0,0 @@ -dist: xenial -sudo: required - -env: - - TRAVIS_DEBIAN_DISTRIBUTION=unstable TRAVIS_DEBIAN_MIRROR="http://httpredir.debian.org/debian/" TRAVIS_DEBIAN_SECURITY_UPDATES=false - - TRAVIS_DEBIAN_DISTRIBUTION=testing TRAVIS_DEBIAN_MIRROR="http://httpredir.debian.org/debian/" - - TRAVIS_DEBIAN_DISTRIBUTION=stable TRAVIS_DEBIAN_MIRROR="http://httpredir.debian.org/debian/" - -services: - - docker - -before_script: - # fetch all tags (not done due travis cloning with depth=50) - - git fetch --tags - -script: - # build the debian package - - wget -O- http://travis.debian.net/script.sh | sh - - -after_script: - # run lintian after build - - sudo add-apt-repository -y ppa:waja/trusty-backports - - sudo apt-get update -qq - - sudo apt-get install -qq --no-install-recommends lintian - - lintian --info --display-info --display-experimental --pedantic --show-overrides ../*.deb && lintian --info --display-info --display-experimental --pedantic --show-overrides ../*.dsc - -#notifications: -# email: false - -branches: - except: - - /^debian\/\d/ diff --git a/debian/.gitlab-ci.yml b/debian/.gitlab-ci.yml deleted file mode 100644 index 0100fa0..0000000 --- a/debian/.gitlab-ci.yml +++ /dev/null @@ -1,14 +0,0 @@ -include: - - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/salsa-ci.yml - - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/pipeline-jobs.yml - -variables: - RELEASE: 'unstable' - SALSA_CI_DISABLE_APTLY: 0 - SALSA_CI_DISABLE_AUTOPKGTEST: 1 - SALSA_CI_DISABLE_BLHC: 0 - SALSA_CI_DISABLE_LINTIAN: 0 - SALSA_CI_DISABLE_PIUPARTS: 1 - SALSA_CI_DISABLE_REPROTEST: 1 - SALSA_CI_DISABLE_BUILD_PACKAGE_ALL: 0 - SALSA_CI_DISABLE_BUILD_PACKAGE_ANY: 0 diff --git a/debian/bin/github-release.sh b/debian/bin/github-release.sh deleted file mode 100755 index 79da0c9..0000000 --- a/debian/bin/github-release.sh +++ /dev/null @@ -1,188 +0,0 @@ -#!/bin/bash - -# Copyright (c) 2014 Terry Burton -# -# https://github.com/terryburton/travis-github-release -# -# Permission is hereby granted, free of charge, to any -# person obtaining a copy of this software and associated -# documentation files (the "Software"), to deal in the -# Software without restriction, including without -# limitation the rights to use, copy, modify, merge, -# publish, distribute, sublicense, and/or sell copies of -# the Software, and to permit persons to whom the Software -# is furnished to do so, subject to the following -# conditions: -# -# The above copyright notice and this permission notice -# shall be included in all copies or substantial portions -# of the Software. -# -# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY -# KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO -# THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A -# PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL -# THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, -# DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF -# CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -# CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS -# IN THE SOFTWARE. - -# This script provides a simple continuous deployment -# solution that allows Travis CI to publish a new GitHub -# release and upload assets to it whenever a tag is pushed: -# git tag; git push --tags -# -# It is created as a temporary solution whilst we wait for -# Travis DPL to support GitHub: -# -# https://github.com/travis-ci/dpl -# -# Place this script somewhere in your project repository (perhaps by forking -# the github-travis-release repo and adding your fork as a git submodule) then -# put something like this to your .travis.yml: -# -# after_success: .travis/github-release.sh "$TRAVIS_REPO_SLUG" "`head -1 src/VERSION`" build/release/* -# -# The first argument is your repository in the format -# "username/repository", which Travis provides in the -# TRAVIS_REPO_SLUG environment variable. -# -# The second argument is the release version which as a -# sanity check should match the tag that you are releasing. -# You could pass "`git describe`" to satisfy this check. -# -# The remaining arguments are a list of asset files that you -# want to publish along with the release. -# -# The script requires that you create a GitHub OAuth access -# token to facilitate the upload: -# -# https://help.github.com/articles/creating-an-access-token-for-command-line-use -# -# You must pass this securely in the GITHUBTOKEN environment -# variable: -# -# http://docs.travis-ci.com/user/encryption-keys/ -# -# For testing purposes you can create a local convenience -# file in the script directory called GITHUBTOKEN that sets -# the GITHUBTOKEN environment variable. If you do so you MUST -# ensure that this doesn't get pushed to your repository, -# perhaps by adding it to a .gitignore file. -# -# Should you get stuck then look at a working example. This -# code is being used by Barcode Writer in Pure PostScript -# for automated deployment: -# -# https://github.com/terryburton/postscriptbarcode - -set -e - -REPO=$1 && shift -RELEASE=$1 && shift -RELEASEFILES=$@ - -if ! TAG=`git describe --exact-match --tags 2>/dev/null`; then - echo "This commit is not a tag so not creating a release" - exit 0 -fi - -if [ "$TRAVIS" = "true" ] && [ -z "$TRAVIS_TAG" ]; then - echo "This build is not for the tag so not creating a release" - exit 0 -fi - -if [ "$TRAVIS" = "true" ] && [ "$TRAVIS_TAG" != "$RELEASE" ]; then - echo "Error: TRAVIS_TAG ($TRAVIS_TAG) does not match the indicated release ($RELEASE)" - exit 1 -fi - -if [ "$TAG" != "$RELEASE" ]; then - echo "Error: The tag ($TAG) does not match the indicated release ($RELEASE)" - exit 1 -fi - -if [[ -z "$RELEASEFILES" ]]; then - echo "Error: No release files provided" - exit 1 -fi - -SCRIPTDIR=`dirname $0` -[ -e "$SCRIPTDIR/GITHUBTOKEN" ] && . "$SCRIPTDIR/GITHUBTOKEN" -if [[ -z "$GITHUBTOKEN" ]]; then - echo "Error: GITHUBTOKEN is not set" - exit 1 -fi - -echo "Creating GitHub release for $RELEASE" - -echo -n "Create draft release... " -JSON=$(cat < Mon, 23 Jan 2023 12:43:03 +0000 - -postfwd (1.35-8) unstable; urgency=medium - - * [d32c972] d/watch: Update to new url scheme - * [47e9ee0] Bump debhelper from old 12 to 13. - * [cac0b96] Bump Standards-Version to 4.6.2 - * [98d8062] Update watch file format version to 4. - * [7ba39f1] Drop lsb-base, sysvinit-utils is essential - * [be975fb] Set Rules-Requires-Root: no. - - -- Jan Wagner Mon, 23 Jan 2023 12:40:57 +0000 - -postfwd (1.35-7) unstable; urgency=medium - - * [f2a169d] Use secure copyright file specification URI. - * [270413d] Use secure URI in Homepage field. - * [1563d38] d/source/options: Adding .github to diff ignore - * [f32e604] Adding d/.gitlab-ci.yml - * [94f95bc] Adding Dependabot config - * [b16de77] Do not remove .git* anymore - * [4926505] ci: pin action versions - * [d0ecd91] d/rules: Calling dh_installsystemd (Closes: #994901) - - -- Jan Wagner Tue, 28 Sep 2021 13:28:53 +0200 - -postfwd (1.35-6) unstable; urgency=medium - - * [1446da0] Fix initscript (Closes: #942414) - * [3abd7a4] Bump Standards-Version to 4.5.1.0, no changes needed - * [27de180] Adding Github CI - * [a282d29] d/control: Raise compat level to 12 - - -- Jan Wagner Wed, 06 Jan 2021 21:49:07 +0100 - -postfwd (1.35-5) unstable; urgency=medium - - * [217213b] Adding systemd unit file - * [8e419b4] Add a bit documentation about systemd (and sysvinit) - * [62139a7] travis-ci: Use xenial image - * [ac0ac42] d/control: Bump Standards-Version to 4.3.0, no changes needed - * [e438455] d/postfwd.postrm: detect existens of command by which and - not 'test -x' - - -- Jan Wagner Thu, 24 Jan 2019 09:37:19 +0100 - -postfwd (1.35-4) unstable; urgency=medium - - * [e8799d3] travis-ci: don't install build-deps manual - * [c86c540] travis-ci: build package with dpkg-buildpackage - * [07e9eeb] travis-ci: Initial support for uploading releases to github - * [231a90f] Merging upstream changes of github-release.sh - * [b832cd0] Updating copyright and author of debian/bin/github-release.sh - * [5e353b5] debian/control: reformating with warp-and-sort - * [3862572] Reformating with warp-and-sort the rest of debian/ - * [d4687ee] travis-ci: grab actual used upstream version - * [4d0d01d] travis-ci: Adding required arguments for trusty - * [11da7ca] travis-ci: automatically install dependencies - * [7ad8c99] d/control: Bump Standards-Version to 3.9.8, no changes needed - * [80b011c] d/control: Depend on lsb-base - * [583a10d] travis-ci: Make use of travis.d.n - - -- Jan Wagner Mon, 05 Dec 2016 11:50:27 +0100 - -postfwd (1.35-3) unstable; urgency=medium - - * [965e0d7] Remove shiped html files from binaries - * [17c1925] Bump Standards-Version to 3.9.6, no changes needed - - -- Jan Wagner Mon, 13 Oct 2014 15:02:11 +0200 - -postfwd (1.35-2) unstable; urgency=low - - * Migrate over example installation to postfwd.examples - * Add plugins/*.sample to examples - * [6f4f77b] Remove generated hapolicy manpage in clean target - * [05ca589] Updating standards version to 3.9.4, no changes needed - * [bb64a82] Source init functions in init script - * [5d8b250] Update Vcs-headers - * [0df5d0a] Updating standards version to 3.9.5, no changes needed - * [86f8f61] Add travis-ci config - * [010082b] Remove unneeded purge from travis config - * [7542e86] Reorder and comment .travis.yml - * [7025f4f] Add lintian checks after build - * [ddbfcc0] Update to recent copyright format - * [b9b503e] Move samples into /usr/share/doc/postfwd/examples - * [1e7c202] Add 10_fix_wording_manpages.patch to fix manpages - * [f7da50f] travis-ci: Remove dpatch from build-deps - * [dd5f01d] Add 20_fix_postfwd1_default_umask.patch to fix postfwd default - umask (Closes: #717607), thanks Jesse Norell - * [172a432] Fix bug report source format move - - -- Jan Wagner Sun, 09 Mar 2014 23:43:28 +0100 - -postfwd (1.35-1) unstable; urgency=low - - * New upstream release - - fixed fixed taint mode logging error - - check_* functions use print/getline instead of send/recv for large - --dumpcache output - - log_* routines added to allow the same plugins for postfwd1 and postfwd2 - - added more information when using --debug=cleanup - - new sendmail(sendmail-path::from::to::subject::body) action - - rate(), size() and rcpt() function index is now case insensitive by - default - - fixed segfault when using new perl versions (Closes: #697653) - - -- Jan Wagner Wed, 22 May 2013 14:49:15 +0200 - -postfwd (1.33-1) UNRELEASED; urgency=low - - * New upstream release - - fixed bug when computing scores with more than 1 digit after the "." - - fixed bug when computing negative values with the set action - - ITEMS plugins returning zero values were handled incorrectly - - max command recursion was not reset for each rule - - fixed warning about use of (uninitialized value) when STORABLE - is available but no cache file was defined (Closes: #697657) - * Fix comment in /etc/default/postfwd (Closes: #679924), thanks Jeroen - Koekkoek - * Fix typo in README.Debian (closes: #691242), thanks Axel Beckert - - -- Jan Wagner Thu, 29 Mar 2012 20:31:17 +0200 - -postfwd (1.32-2) unstable; urgency=low - - * Switch over to packaging format 3.0 (quilt) (Closes: #664368) - * Updating standards version to 3.9.3, no changes needed - * Remove build-dependency of dpatch - * Use dh_prep instead of dh_clean -k - * Add build-arch and build-indep targets to debian/rules - - -- Jan Wagner Thu, 29 Mar 2012 20:22:17 +0200 - -postfwd (1.32-1) unstable; urgency=low - - * New upstream release - - new option --save_rates= is able to load and save rate limit counters - to disk on program start and termination. - - the --debugitem="sender=example\.org$" option allows verbose logging for - particular requests - - the debug() action enables verbose logging for certain rules - - nested commands are possible now - - new mail(server/helo/from/to/subject/body) action. - - single cache items can be wiped - - sasl_username is logged if available - - rate limit action is executed, if the first request exceeds the limit - - exceeded ratecounters will not be kept permanently anymore - - rate limits are evaluated at ruleset stage now - - new parser enhancement is able to omit the trailing "\" for multi-line - rules - - new plugin interface (BETA) - - Time::HiRes is used if available - - multiple rate limits for the same items are supported now - - new $$ratecount variable for rate() actions - - new option --keep_rates - - queueid is logged when available - - rate limits fixed - - new --debug class 'cleanup' - - documentation updates and fixes - * Suppress output on restarting via init script (Closes: #636782), thanks - Martin F. Krafft for reporting - * Add hapolicy and manpage into separate binary package - * Reorganize documentation - - Add new files from upstream to documentation - - Changelogs where renamed by upstream - * Bump Standards-Version to 3.9.2, no changes needed - - -- Jan Wagner Wed, 21 Dec 2011 22:27:27 +0100 - -postfwd (1.20-1) unstable; urgency=low - - * New upstream release - - Release contains postfwd1 and postfwd2 now (Closes: #582969) - - new --umask setting allows to set filepermissions for pidfiles and unix - domain sockets - - Rate limit code rewritten - - rbl checks disabled for ipv6 addresses, cidr compare will switch to - default (regex/string) - - rbl check could fail on multiple dnsbl answers - * Add dpatch infrastructure - * Provide update-alternatives for choosing the postfwd variant - * Install also CHANGELOG2 - * Bump Standards-Version to 3.9.1, no changes needed - - -- Jan Wagner Thu, 10 Feb 2011 08:38:04 +0100 - -postfwd (1.18-1) unstable; urgency=low - - * New upstream release - - Fixed bug when comparing sender and recipient addresses, like - "sender=$$recipient" - - -- Jan Wagner Thu, 29 Apr 2010 08:46:25 +0200 - -postfwd (1.17-1) unstable; urgency=low - - * New upstream release - - Net::DNS internal errors will now be handled gracefully - - default for options --dns_max_ns_a_lookups and --dns_max_mx_a_lookups of - 100 - - Fixed variable substitution when the '=' operator is used - - -- Jan Wagner Mon, 22 Mar 2010 09:02:31 +0100 - -postfwd (1.16-2) unstable; urgency=low - - * Bump Standards-Version to 3.8.4, no changes needed - * Migrate Vcs-Fields over to scm.uncompleted.org - * Add 1.0 to debian/source/format - - -- Jan Wagner Wed, 10 Mar 2010 12:35:57 +0100 - -postfwd (1.16-1) unstable; urgency=low - - * NEW upstream release - - documentation fixed - - configuration parser improvements - - option --reload (HUP signal) now reloads config, if the file is unchanged - - redirect syslog to stdout for --kill, --reload and --showconfig - - new rcpt() command counts recipients for rate limits - - helo_address, and sender_(ns|mx)_addrs can now be csv items - - items may now be retrieved from files using "item=file:/some/where" - * Add "Copyright" to all copyrights in debian/copyright - * Bump standards version to 3.8.3 (no changes needed) - * Fix speeling errors in debian/README.Debian - - -- Jan Wagner Thu, 14 Jan 2010 19:32:26 +0100 - -postfwd (1.14-1) unstable; urgency=low - - * new upstream release - - new compare operators - - added --nodaemon option - - perform non dns items first - - enabled dns cache for sender(ns|mx) and helo address - - new options --dns_max_ns_lookups and --dns_max_mx_lookups - - new items sender_ns_names and sender_ns_addrs - - new items sender_mx_names and sender_mx_addrs - - new item helo_address, please see docs for more - - added --proto switch, to enable the use of unix domain sockets - - added command-line options --kill and --reload - - dnsbl txt lookups only for dnsbls with at least one a record - - small performance improvement - - ask() action allows to use another policy service - - new options --noidlestats and --norulelog - * install postfwd.cf.sample, was renamed upstream - * leave hints about documentation and config verification in README.Debian - * Bump standards version to 3.8.2 (no changes needed) - - -- Jan Wagner Mon, 06 Jul 2009 21:15:35 +0200 - -postfwd (1.10pre8b-1) unstable; urgency=low - - * new upstream release - - Net::CIDR::Lite is not required any longer - - Net::DNS::Async is no longer used - - changed Net::Server behaviour to ignore syslog errors - - --shortlog is now default behaviour (use -v to see more) - - days=Wed now means exactly Wednesday - - disabled fallback to synchronous dns on timed out rbls - - new item "rhsbl_helo" allows to check helo against rhsbls - - the new variable $$request_hits contains a list of all matching ruleids - - the new variable $$dnsbltext allows access to txt records of rbls - - new options --no-rulestats and --nodnslog - - ttls of the dns responses override --cache-rbl-timeout when bigger - * drop dependency of libnet-cidr-lite-perl and libnet-dns-async-perl - * add dependency of libnet-dns-perl - - -- Jan Wagner Thu, 19 Feb 2009 22:39:09 +0100 - -postfwd (1.10pre7c-3) unstable; urgency=low - - * implement machine-interpretable copyright file - * fix init script (Closes: #503597). - - let daemon write pid file for his own - - point start-stop daemon to pidfile when stoping - - fix reload by fixing the way how to get the pid - * fix example-cfg2.txt to work with 1.10pre7 (Closes: #503596). - - -- Jan Wagner Fri, 31 Oct 2008 09:55:52 +0100 - -postfwd (1.10pre7c-2) unstable; urgency=low - - * Uploading to unstable. - * Updating standards version to 3.8.0, no changes needed - - -- Jan Wagner Tue, 15 Jul 2008 22:43:08 +0200 - -postfwd (1.10pre7c-1) experimental; urgency=low - - * Initial release (Closes: #470356). - - -- Jan Wagner Sat, 31 May 2008 22:07:08 +0200 diff --git a/debian/control b/debian/control deleted file mode 100644 index 995c952..0000000 --- a/debian/control +++ /dev/null @@ -1,36 +0,0 @@ -Source: postfwd -Section: mail -Priority: optional -Maintainer: Jan Wagner -Build-Depends: debhelper-compat (= 13), html2text -Homepage: https://www.postfwd.org/ -Vcs-Browser: https://gitlab.uncompleted.org/debian/postfwd -Vcs-Git: https://gitlab.uncompleted.org/debian/postfwd.git -Standards-Version: 4.6.2 -Rules-Requires-Root: no - -Package: postfwd -Architecture: all -Depends: adduser, - libnet-dns-perl, - libnet-server-perl, - ${misc:Depends}, - ${perl:Depends} -Conflicts: postfwd2 -Description: Postfix policyd to combine complex restrictions in a ruleset - Postfwd is written in perl to combine complex postfix restrictions in a - ruleset similar to those of the most firewalls. The program uses the postfix - policy delegation protocol to control access to the mail system before a - message has been accepted. It allows you to choose an action (e.g. reject, - dunno) for a combination of several smtp parameters (like sender and recipient - address, size or the client's TLS fingerprint). - -Package: hapolicy -Architecture: all -Depends: ${misc:Depends}, ${perl:Depends} -Description: Balancing and fallback postfix policy delegation service - Hapolicy enables high availability, weighted loadbalancing and a fallback - action for postfix policy delegation services. Invoked via postfix spawn - it acts as a wrapper that queries other policy servers via tcp connection. - The order of the service queries can be influenced by assigning a specific - priority and weight to each service. diff --git a/debian/copyright b/debian/copyright deleted file mode 100644 index ba7f2f8..0000000 --- a/debian/copyright +++ /dev/null @@ -1,82 +0,0 @@ -Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ -Upstream-Name: postfwd -Upstream-Contact: Jan Peter Kessler -Source: http://www.postfwd.org - -Files: * -Copyright: Copyright (c) 2007, Jan Peter Kessler, All rights reserved. -License: BSD-3 - -Files: debian/* -Copyright: Copyright (C) 2006, 2008 Jan Wagner -License: GPL-2+ - -Files: debian/example-cfg2.txt -Copyright: Copyright (c) 2008, Henrik Krohns -License: BSD-3 - -Files: debian/bin/github-release.sh -Copyright: Copyright (c) 2014 Terry Burton -License: Expat - -License: Expat - Permission is hereby granted, free of charge, to any person obtaining - a copy of this software and associated documentation files (the - "Software"), to deal in the Software without restriction, including - without limitation the rights to use, copy, modify, merge, publish, - distribute, sublicense, and/or sell copies of the Software, and to - permit persons to whom the Software is furnished to do so, subject to - the following conditions: - . - The above copyright notice and this permission notice shall be included - in all copies or substantial portions of the Software. - . - THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, - EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF - MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. - IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY - CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, - TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE - SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -License: BSD-3 - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - . - * Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above copyright notice, - this list of conditions and the following disclaimer in the documentation - and/or other materials provided with the distribution. - * Neither the name of the authors nor the names of his contributors may be - used to endorse or promote products derived from this software without - specific prior written permission. - . - THIS SOFTWARE IS PROVIDED BY ME ``AS IS'' AND ANY EXPRESS OR IMPLIED - WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF - MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO - EVENT SHALL BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, - EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, - PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; - OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - -License: GPL-2+ - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - . - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - . - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - . - On Debian systems, the complete text of the GNU General Public License can be - found in /usr/share/common-licenses/GPL-2 file. diff --git a/debian/example-cfg2.txt b/debian/example-cfg2.txt deleted file mode 100644 index e8ef10a..0000000 --- a/debian/example-cfg2.txt +++ /dev/null @@ -1,146 +0,0 @@ -# downloaded from http://hege.li/howto/spam/etc/postfwd/postfwd.conf -# check for more recent versions! - -### -### Example config for postfwd 1.10pre7+ -### - -## Check DNS whitelists, maybe we don't need more checks - -id=OK_DNSWL; \ - rbl=list.dnswl.org/^127/43200; \ - action=DUNNO - -## Check (non-fqdn/ip/dynamic) HELO and (missing) reverse DNS - -id=SET_HELO; \ - helo_name=!!\.; \ - helo_name=[0-9.-]{7}; \ - action=set(HIT_helo=1) - -id=SET_NODNS; \ - client_name=^unknown$; \ - action=set(HIT_nodns=1) - -id=REJECT_HELO_NODNS; \ - HIT_helo==1; HIT_nodns==1; \ - action=REJECT Blocked - contact postmaster@example.net for help - Suspicious HELO [$$helo_name] and missing reverse DNS [$$client_address] - -## Check ZEN first for immediate blocking - less queries for other lists -## See usage policy: http://www.spamhaus.org/organization/dnsblusage.html - -id=REJECT_RBL_ZEN; \ - rbl=zen.spamhaus.org; \ - action=REJECT Blocked - contact postmaster@example.net for help - zen.spamhaus.org RBL - -## Check other DNSBLs in parallel - -&&DNSBLS { \ - rbl=bl.spamcop.net; \ - rbl=dnsbl-1.uceprotect.net; \ - rbl=dnsbl-2.uceprotect.net; \ - rbl=dnsbl-3.uceprotect.net; \ - rbl=psbl.surriel.com; \ - rbl=combined.njabl.org; \ - rbl=dnsbl.ahbl.org; \ - rbl=dnsbl.sorbs.net; \ - rbl=ix.dnsbl.manitu.net; \ - rbl=dyna.spamrats.com; \ -}; - -id=EVAL_DNSBLS; \ - &&DNSBLS; rblcount=all; \ - action=set(HIT_rbls=$$rblcount) - -id=REJECT_RBL_MULTI; \ - HIT_rbls>=2; \ - action=REJECT Blocked - contact postmaster@example.net for help - Multiple DNSBLs - -## Check RHSBLs if there wasn't enough DNSBLs hit - -&&RHSBLS_REVERSE { \ - rhsbl_reverse_client=dynamic.rhs.mailpolice.com; \ -}; - -&&RHSBLS_SENDER { \ - rhsbl_sender=multi.uribl.com; \ - rhsbl_sender=multi.surbl.org; \ - rhsbl_sender=bulk.rhs.mailpolice.com; \ - rhsbl_sender=rhsbl.ahbl.org; \ - rhsbl_sender=rhsbl.sorbs.net; \ - rhsbl_sender=dsn.rfc-ignorant.org; \ -}; - -id=EVAL_RHSBLS; \ - &&RHSBLS_REVERSE; &&RHSBLS_SENDER; rhsblcount=all; \ - action=set(HIT_rhsbls=$$rhsblcount) - -id=REJECT_RHSBL_MULTI; \ - HIT_rhsbls>=2; \ - action=REJECT Blocked - contact postmaster@example.net for help - Multiple RHSBLs - -## See if we get any combined hits from rules before - -id=REJECT_RBL_RHSBL; \ - HIT_rbls>=1; HIT_rhsbls>=1; \ - action=REJECT Blocked - contact postmaster@example.net for help - RHSBL and DNSBL - -id=REJECT_RBL_HELO; \ - HIT_rbls>=1; HIT_helo==1; \ - action=REJECT Blocked - contact postmaster@example.net for help - DNSBL and suspicious HELO [$$helo_name] - -id=REJECT_RBL_NODNS; \ - HIT_rbls>=1; HIT_nodns==1; \ - action=REJECT Blocked - contact postmaster@example.net for help - DNSBL and missing reverse DNS [$$client_address] - -id=REJECT_RHSBL_HELO; \ - HIT_rhsbls>=1; HIT_helo==1; \ - action=REJECT Blocked - contact postmaster@example.net for help - RHSBL and suspicious HELO [$$helo_name] - -id=REJECT_RHSBL_NODNS; \ - HIT_rhsbls>=1; HIT_nodns==1; \ - action=REJECT Blocked - contact postmaster@example.net for help - RHSBL and missing reverse DNS [$$client_address] - -## Finally greylist all lesser hits. -## -## A more DNSBL friendly way would be to greylist everything suspicious -## before DNS checks. Currently this requires you to setup some postfix -## tables before postfwd is called, since greylisting can be only done last -## in postfwd (action always exits processing). - -id=GREY_HELO; HIT_helo==1; action=check_postgrey -id=GREY_NODNS; HIT_nodns==1; action=check_postgrey -id=GREY_RBL; HIT_rbls>=1; action=check_postgrey -id=GREY_RHSBL; HIT_rhsbls>=1; action=check_postgrey - - -## -## This example is free to use as per BSD license: -## -## Copyright (c) 2008, Henrik Krohns -## All rights reserved. -## -## Redistribution and use in source and binary forms, with or without modification, -## are permitted provided that the following conditions are met: -## -## * Redistributions of source code must retain the above copyright -## notice, this list of conditions and the following disclaimer. -## * Redistributions in binary form must reproduce the above copyright -## notice, this list of conditions and the following disclaimer in -## the documentation and/or other materials provided with the -## distribution. -## * Neither the name of the authors nor the names of his contributors -## may be used to endorse or promote products derived from this -## software without specific prior written permission. -## -## THIS SOFTWARE IS PROVIDED BY ME ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, -## INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS -## FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL BE LIABLE FOR ANY DIRECT, -## INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT -## NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR -## PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, -## WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) -## ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE -## POSSIBILITY OF SUCH DAMAGE. -## - diff --git a/debian/hapolicy.docs b/debian/hapolicy.docs deleted file mode 100644 index 8216e68..0000000 --- a/debian/hapolicy.docs +++ /dev/null @@ -1,3 +0,0 @@ -doc/hapolicy.txt -tools/hapolicy/hapolicy.* -tools/hapolicy/hapolicy[0-9a-zA-Z.]* diff --git a/debian/hapolicy.manpages b/debian/hapolicy.manpages deleted file mode 100644 index e093172..0000000 --- a/debian/hapolicy.manpages +++ /dev/null @@ -1 +0,0 @@ -man/man8/hapolicy.1 diff --git a/debian/patches/10_fix_wording_manpages.patch b/debian/patches/10_fix_wording_manpages.patch deleted file mode 100644 index 156253c..0000000 --- a/debian/patches/10_fix_wording_manpages.patch +++ /dev/null @@ -1,172 +0,0 @@ -From: Jan Wagner -Subject: Fixing cosmetical issues -diff --git a/man/man8/postfwd.8 b/man/man8/postfwd.8 -index 3e4354b..49deff1 100644 ---- a/man/man8/postfwd.8 -+++ b/man/man8/postfwd.8 -@@ -335,7 +335,7 @@ postfwd versions prior to 1.30 require trailing ';' and '\e'\-characters: - \& the specified action will be returned to postfix - \& scores are set global until redefined! - \& --\& request_score \- this value allows to access a request\*(Aqs score. it -+\& request_score \- this value allows one to access a request\*(Aqs score. it - \& may be used as variable ($$request_score). - \& - \& rbl, rhsbl, \- query the specified RBLs/RHSBLs, possible values are: -@@ -466,7 +466,7 @@ The following items currently have to be unique: - \& id, minimum and maximum values, rblcount and rhsblcount - .Ve - .PP --Any item can be negated by preceeding '!!' to it, e.g.: -+Any item can be negated by preceding '!!' to it, e.g.: - .PP - .Vb 1 - \& id=HOST001 ; hostname == !!secure.trust.local ; action=REJECT only secure.trust.local please -@@ -484,7 +484,7 @@ To avoid confusion with regexps or simply for better visibility you can use '!!( - \& id=USER01 ; sasl_username = !!( (bob|alice) ) ; action=REJECT who is that? - .Ve - .PP --Request attributes can be compared by preceeding '$$' characters, e.g.: -+Request attributes can be compared by preceding '$$' characters, e.g.: - .PP - .Vb 3 - \& id=R\-003 ; client_name = !! $$helo_name ; action=WARN helo does not match DNS -@@ -637,7 +637,7 @@ with postfwd1 v1.15 and postfwd2 v0.18 and higher. - \&\fIGeneral\fR - .PP - Actions will be executed, when all rule items have matched a request (or at least one of any item list). You can refer to --request attributes by preceeding $$ characters, like: -+request attributes by preceding $$ characters, like: - .PP - .Vb 3 - \& id=R\-003; client_name = !!$$helo_name; action=WARN helo \*(Aq$$helo_name\*(Aq does not match DNS \*(Aq$$client_name\*(Aq -@@ -730,7 +730,7 @@ postfwd actions control the behaviour of the program. Currently you can specify - \& means that requests from bob@example.local and BoB@example.local will be treated differently - \& - \& ask (:[:]) --\& allows to delegate the policy decision to another policy service (e.g. postgrey). the first -+\& allows one to delegate the policy decision to another policy service (e.g. postgrey). the first - \& and the second argument (address and port) are mandatory. a third optional argument may be - \& specified to tell postfwd to ignore certain answers and go on parsing the ruleset: - \& # example1: query postgrey and return it\*(Aqs answer to postfix -@@ -832,7 +832,7 @@ carefully, because errors may cause postfwd to break! It is also - allowed to override attributes or built-in functions, but be sure that you know - what you do because some of them are used internally. - .PP --Please keep security in mind, when you access sensible ressources and never, ever -+Please keep security in mind, when you access sensible resources and never, ever - run postfwd as privileged user! Also never trust your input (especially hostnames, - and e\-mail addresses). - .PP -@@ -866,7 +866,7 @@ the policy delegation request and therefore may be used in postfwd's ruleset. - \& - \& # EXAMPLES \- integrated in postfwd. no need to activate them here. - \& --\& # allows to check postfwd version in ruleset -+\& # allows one to check postfwd version in ruleset - \& "version" => sub { - \& my(%request) = @_; - \& my(%result) = ( -@@ -1505,7 +1505,7 @@ equals to - \& id=R001; sender=bob@alice.local; client_address=192.168.1.1; action=dunno - .Ve - .PP --Lists will be evaluated in the specified order. This allows to place faster expressions at first: -+Lists will be evaluated in the specified order. This allows one to place faster expressions at first: - .PP - .Vb 1 - \& postfwd \-vv \-L \-r "id=RBL001; rbl=localrbl.local zen.spamhaus.org; action=REJECT" /some/where/request.sample -diff --git a/man/man8/postfwd2.8 b/man/man8/postfwd2.8 -index 11319fd..fdb3a6f 100644 ---- a/man/man8/postfwd2.8 -+++ b/man/man8/postfwd2.8 -@@ -193,7 +193,7 @@ postfwd2 \- postfix firewall daemon - \& \-n, \-\-nodns skip any dns based test - \& \-\-dns_timeout dns query timeout in seconds - \& \-\-dns_timeout_max disable dnsbl after timeouts --\& \-\-dns_timeout_interval reenable dnsbl after seconds -+\& \-\-dns_timeout_interval re-enable dnsbl after seconds - \& \-\-cache\-rbl\-timeout default dns ttl if not specified in ruleset - \& \-\-cache\-rbl\-default default dns pattern if not specified in ruleset - \& \-\-cleanup\-rbls cleanup old dns cache items every seconds -@@ -364,7 +364,7 @@ postfwd versions prior to 1.30 require trailing ';' and '\e'\-characters: - \& the specified action will be returned to postfix - \& scores are set global until redefined! - \& --\& request_score \- this value allows to access a request\*(Aqs score. it -+\& request_score \- this value allows one to access a request\*(Aqs score. it - \& may be used as variable ($$request_score). - \& - \& rbl, rhsbl, \- query the specified RBLs/RHSBLs, possible values are: -@@ -495,7 +495,7 @@ The following items must be unique: - \& id, minimum and maximum values, rblcount and rhsblcount - .Ve - .PP --Any item can be negated by preceeding '!!' to it, e.g.: -+Any item can be negated by preceding '!!' to it, e.g.: - .PP - .Vb 1 - \& id=HOST001 ; hostname == !!secure.trust.local ; action=REJECT only secure.trust.local please -@@ -513,7 +513,7 @@ To avoid confusion with regexps or simply for better visibility you can use '!!( - \& id=USER01 ; sasl_username =~ !!( /^(bob|alice)$/ ) ; action=REJECT who is that? - .Ve - .PP --Request attributes can be compared by preceeding '$$' characters, e.g.: -+Request attributes can be compared by preceding '$$' characters, e.g.: - .PP - .Vb 3 - \& id=R\-003 ; client_name = !! $$helo_name ; action=WARN helo does not match DNS -@@ -666,7 +666,7 @@ with postfwd1 v1.15 and postfwd2 v0.18 and higher. - \&\fIGeneral\fR - .PP - Actions will be executed, when all rule items have matched a request (or at least one of any item list). You can refer to --request attributes by preceeding $$ characters, like: -+request attributes by preceding $$ characters, like: - .PP - .Vb 3 - \& id=R\-003; client_name = !!$$helo_name; action=WARN helo \*(Aq$$helo_name\*(Aq does not match DNS \*(Aq$$client_name\*(Aq -@@ -750,7 +750,7 @@ postfwd2 actions control the behaviour of the program. Currently you can specify - \& means that requests from bob@example.local and BoB@example.local will be treated differently - \& - \& ask (:[:]) --\& allows to delegate the policy decision to another policy service (e.g. postgrey). the first -+\& allows one to delegate the policy decision to another policy service (e.g. postgrey). the first - \& and the second argument (address and port) are mandatory. a third optional argument may be - \& specified to tell postfwd2 to ignore certain answers and go on parsing the ruleset: - \& # example1: query postgrey and return it\*(Aqs answer to postfix -@@ -852,7 +852,7 @@ carefully, because errors may cause postfwd to break! It is also - allowed to override attributes or built-in functions, but be sure that you know - what you do because some of them are used internally. - .PP --Please keep security in mind, when you access sensible ressources and never, ever -+Please keep security in mind, when you access sensible resources and never, ever - run postfwd as privileged user! Also never trust your input (especially hostnames, - and e\-mail addresses). - .PP -@@ -886,7 +886,7 @@ the policy delegation request and therefore may be used in postfwd's ruleset. - \& - \& # EXAMPLES \- integrated in postfwd. no need to activate them here. - \& --\& # allows to check postfwd version in ruleset -+\& # allows one to check postfwd version in ruleset - \& "version" => sub { - \& my(%request) = @_; - \& my(%result) = ( -@@ -1524,7 +1524,7 @@ equals to - \& id=R001; sender=bob@alice.local; client_address=192.168.1.1; action=dunno - .Ve - .PP --Lists will be evaluated in the specified order. This allows to place faster expressions at first: -+Lists will be evaluated in the specified order. This allows one to place faster expressions at first: - .PP - .Vb 1 - \& postfwd2 \-\-nodaemon \-vv \-L \-r "id=RBL001; rbl=localrbl.local zen.spamhaus.org; action=REJECT" /some/where/request.sample -@@ -1601,7 +1601,7 @@ To debug special steps of the parser the '\-\-debug' switch takes a list of debu - .PP - The common way to use postfwd2 is to start it as daemon, listening at a specified tcp port. - postfwd2 will spawn multiple child processes which communicate with a parent cache. This is --the prefered way to use postfwd2 in high volume environments. Start postfwd2 with the following parameters: -+the preferred way to use postfwd2 in high volume environments. Start postfwd2 with the following parameters: - .PP - .Vb 1 - \& postfwd2 \-d \-f /etc/postfwd.cf \-i 127.0.0.1 \-p 10045 \-u nobody \-g nobody \-S diff --git a/debian/patches/20_fix_postfwd1_default_umask.patch b/debian/patches/20_fix_postfwd1_default_umask.patch deleted file mode 100644 index 8bf3c99..0000000 --- a/debian/patches/20_fix_postfwd1_default_umask.patch +++ /dev/null @@ -1,15 +0,0 @@ -From: Jan Wagner -Subject: Fixing default umask of postfwd -diff --git a/sbin/postfwd b/sbin/postfwd -index e17a729..62f90bb 100755 ---- a/sbin/postfwd -+++ b/sbin/postfwd -@@ -49,7 +49,7 @@ our($def_net_chroot) = ""; - our($def_net_interface) = "127.0.0.1"; - our($def_net_port) = "10040"; - our($def_net_proto) = "tcp"; --our($def_net_umask) = "0111"; -+our($def_net_umask) = "0177"; - our($def_net_user) = "nobody"; - our($def_net_group) = "nobody"; - our($def_dns_queuesize) = "300"; diff --git a/debian/patches/series b/debian/patches/series deleted file mode 100644 index c5ee770..0000000 --- a/debian/patches/series +++ /dev/null @@ -1,2 +0,0 @@ -10_fix_wording_manpages.patch -20_fix_postfwd1_default_umask.patch diff --git a/debian/postfwd.README.Debian b/debian/postfwd.README.Debian deleted file mode 100644 index 3786797..0000000 --- a/debian/postfwd.README.Debian +++ /dev/null @@ -1,68 +0,0 @@ -postfwd for Debian ------------------- - -1. PROVIDE A CONFIGFILE ------------------------ - -Please provide a config file, usually /etc/postfix/postfwd.cf. Examples are -located in /usr/share/doc/postfwd/examples/. -Another can be found at http://hege.li/howto/spam/etc/postfwd/postfwd.conf -and is provided as example-cfg2.txt. - -A quickstart guide is available at http://www.postfwd.org/quick.html and the -online documentation at http://www.postfwd.org/doc.html, the offline version -can be viewed with 'postfwd -m'. - -2. VERIFY CONFIG ----------------- - -How interpret the parser your rules, you can check with: - -# postfwd -f /etc/postfix/postfwd.cf -C -v - -Check your rules against sample request: - -# cat request.sample | postfwd -f /etc/postfix/postfwd.cf -L - -# cat request.sample - ------- snip ------- -ccert_fingerprint= -size=64063 -helo_name=english-breakfast.cloud9.net -reverse_client_name=english-breakfast.cloud9.net -queue_id= -encryption_cipher= -encryption_protocol= -etrn_domain= -ccert_subject= -request=smtpd_access_policy -protocol_state=RCPT -recipient=someone@domain.local -instance=6748.46adf3f8.62156.0 -protocol_name=ESMTP -encryption_keysize=0 -recipient_count=0 -ccert_issuer= -sender=owner-postfix-users@postfix.org -client_name=english-breakfast.cloud9.net -client_address=168.100.1.7 ------- snip ------- - -Samples can be taken into the logfile when starting the daemon with "-vv" - -3. AUTOMATIC STARTUP --------------------- - -In order to avoid the startup of the daemon on an unconfigured machine, -automatic startup, on boot, is disabled by default. To enable it just run -'systemctl enable postfwd.service', when still using SysVinit edit the -file /etc/default/postfwd and set the "startup" variable to 1. - -4. CHOOSING WHICH POSTFWD VERSION TO USE ----------------------------------------- - -Since some time, there is also a prefork version available, called postfwd2. -You can use update-alternatives to choose between 'postfwd1' and 'postfwd2'. - - -- Jan Wagner Mon, 10 Mar 2008 22:37:44 +0100 diff --git a/debian/postfwd.default b/debian/postfwd.default deleted file mode 100644 index 619f4ea..0000000 --- a/debian/postfwd.default +++ /dev/null @@ -1,15 +0,0 @@ -# Global options for postfwd(8). - -# Set to '1' to enable startup (daemon mode), doesn't affect systemd -STARTUP=0 - -# Config file -CONF=/etc/postfix/postfwd.cf -# IP where listen to -INET=127.0.0.1 -# Port where listen to -PORT=10040 -# run as user postfw -RUNAS="postfw" -# Arguments passed on start (--daemon implied) -ARGS="--summary=600 --cache=600 --cache-rdomain-only --cache-no-size" diff --git a/debian/postfwd.docs b/debian/postfwd.docs deleted file mode 100644 index d4b6199..0000000 --- a/debian/postfwd.docs +++ /dev/null @@ -1,5 +0,0 @@ -debian/tmp/*.txt -doc/*.txt -doc/postfwd-ARCH.png -doc/postfwd2.CHANGELOG -tools/*.pl diff --git a/debian/postfwd.examples b/debian/postfwd.examples deleted file mode 100644 index 26c37f7..0000000 --- a/debian/postfwd.examples +++ /dev/null @@ -1,4 +0,0 @@ -debian/example-cfg* -etc/postfwd.cf.sample -plugins/*.sample -tools/*.sample diff --git a/debian/postfwd.init b/debian/postfwd.init deleted file mode 100644 index 0394b06..0000000 --- a/debian/postfwd.init +++ /dev/null @@ -1,103 +0,0 @@ -#! /bin/sh -# Written by Miquel van Smoorenburg . -# Modified for Debian -# by Ian Murdock . -# -# Version: @(#)skeleton 1.9 26-Feb-2001 miquels@cistron.nl -# /etc/init.d/postfwd: v1 2008/03/12 Jan Wagner - -### BEGIN INIT INFO -# Provides: postfwd -# Required-Start: $local_fs $network $remote_fs $syslog -# Required-Stop: $local_fs $network $remote_fs $syslog -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: start and stop the postfw daemon -# Description: a Perl policy daemon for the Postfix MTA -### END INIT INFO - -PATH=/sbin:/bin:/usr/sbin:/usr/bin -NAME=postfwd -DAEMON=/usr/sbin/${NAME} -PIDFILE=/var/run/$NAME.pid -DESC=postfwd - -. /lib/lsb/init-functions - -test -x $DAEMON || exit 0 - -not_configured () { - echo "#### WARNING ####" - echo "${NAME} won't be started/stopped unless it is configured." - echo "If you want to start ${NAME} as daemon, see /etc/default/${NAME}." - echo "#################" - exit 0 -} - -no_configfile () { - echo "#### WARNING ####" - echo "${NAME} won't be started/stopped unless a rules file is provided at $CONF." - echo "#################" - exit 0 -} - -# check if postfwd is configured or not -if [ -f "/etc/default/$NAME" ] -then - . /etc/default/$NAME - if [ "$STARTUP" != "1" ] - then - not_configured - fi -else - not_configured -fi - -# check if rules file is there -if [ ! -f $CONF ] -then - no_configfile -fi - -# Check whether we have to drop privileges. -if [ -n "$RUNAS" ] -then - if ! getent passwd "$RUNAS" >/dev/null; then - RUNAS="" - fi -fi - -set -e - -case "$1" in - start) - echo -n "Starting $DESC: " - start-stop-daemon --start --quiet \ - --name ${NAME} \ - --exec $DAEMON -- ${ARGS} --daemon --file=${CONF} --interface=${INET} --port=${PORT} --user=${RUNAS} --group=${RUNAS} --pidfile=$PIDFILE - echo "$NAME." - ;; - stop) - echo -n "Stopping $DESC: " - start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE && rm -rf $PIDFILE - echo "$NAME." - ;; - reload) - echo "Reloading $DESC configuration files." - kill -HUP $(cat $PIDFILE) - ;; - restart|force-reload) - echo -n "Restarting $DESC (incl. cache): " - $0 stop > /dev/null - sleep 1 - $0 start > /dev/null - echo "$NAME." - ;; - *) - N=/etc/init.d/$NAME - echo "Usage: $N {start|stop|restart|reload|force-reload}" >&2 - exit 1 - ;; -esac - -exit 0 diff --git a/debian/postfwd.manpages b/debian/postfwd.manpages deleted file mode 100644 index 638a3b9..0000000 --- a/debian/postfwd.manpages +++ /dev/null @@ -1,2 +0,0 @@ -debian/tmp/postfwd1.8 -man/man8/postfwd2.8 diff --git a/debian/postfwd.postinst b/debian/postfwd.postinst deleted file mode 100644 index fed6a61..0000000 --- a/debian/postfwd.postinst +++ /dev/null @@ -1,63 +0,0 @@ -#!/bin/sh -# based on arpwatch.postinst: v11 2004/09/15 KELEMEN Peter -# postinst: v1 2006/01/12 Jan Wagner - -set -e - -NUSER="postfw" -NGROUP="postfw" -NHOME="/var/lib/$NUSER" -NGECOS="postfwd user" - -case "$1" in - configure) - # Take care of group. - if NGROUP_ENTRY=`getent group $NGROUP`; then - # group exists - : - else - # group does not exist yet - addgroup --quiet --system $NGROUP - fi - - # Take care of user. - if NUSER_ENTRY=`getent passwd $NUSER`; then - # user exists - adduser --quiet $NUSER $NGROUP - # - else - # user does not exist yet - adduser --quiet --system \ - --ingroup $NGROUP \ - --gecos "$NGECOS" \ - --home $NHOME \ - --no-create-home \ - --shell /bin/sh \ - --disabled-login \ - --disabled-password \ - --shell /bin/false \ - $NUSER - fi - - # Set up home directory. - if [ -d $NHOME ]; then - chown -R ${NUSER}:${NGROUP} $NHOME - chmod -R o-rwX $NHOME - fi - ;; - - abort-upgrade|abort-remove|abort-deconfigure) - ;; - *) - echo "postinst called with unknown argument \`$1'" >&2 - exit 1 - ;; -esac - -update-alternatives --install /usr/sbin/postfwd postfwd /usr/sbin/postfwd1 100 \ - --slave /usr/share/man/man1/postfwd.1.gz postfwd.1.gz \ - /usr/share/man/man1/postfwd1.1.gz -update-alternatives --install /usr/sbin/postfwd postfwd /usr/sbin/postfwd2 120 \ - --slave /usr/share/man/man1/postfwd.2.gz postfwd.2.gz \ - /usr/share/man/man1/postfwd2.1.gz -#DEBHELPER# diff --git a/debian/postfwd.postrm b/debian/postfwd.postrm deleted file mode 100644 index 5c1cb0e..0000000 --- a/debian/postfwd.postrm +++ /dev/null @@ -1,56 +0,0 @@ -#!/bin/sh -# based on arpwatch.postrm: v2 2004/09/15 KELEMEN Peter -# postrm: v1 2006/10/12 Jan Wagner - -NUSER="postfw" -NGROUP="postfw" - -set -e - -case "$1" in - purge) - # find first and last SYSTEM_UID numbers - for LINE in `grep SYSTEM_UID /etc/adduser.conf | grep -v "^#"`; do - case $LINE in - FIRST_SYSTEM_UID*) - FIST_SYSTEM_UID=`echo $LINE | cut -f2 -d '='` - ;; - LAST_SYSTEM_UID*) - LAST_SYSTEM_UID=`echo $LINE | cut -f2 -d '='` - ;; - *) - ;; - esac - done - # remove system account if necessary - if [ -n "$FIST_SYSTEM_UID" ] && [ -n "$LAST_SYSTEM_UID" ]; then - if USERID=`getent passwd $NUSER | cut -f 3 -d ':'`; then - if [ -n "$USERID" ]; then - if [ "$FIST_SYSTEM_UID" -le "$USERID" ] && \ - [ "$USERID" -le "$LAST_SYSTEM_UID" ]; then - if which deluser > /dev/null; then - deluser --quiet $NUSER || true - # And then remove the group - GROUPID=`getent group $NGROUP | cut -f 3 -d ':'` - if [ -n "$GROUPID" ]; then - if which delgroup > /dev/null; then - delgroup --quiet $NGROUP || true - fi - fi - fi - fi - fi - fi - fi - ;; - - remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) - ;; - - *) - echo "postrm called with unknown argument \`$1'" >&2 - exit 1 - ;; -esac - -#DEBHELPER# diff --git a/debian/postfwd.prerm b/debian/postfwd.prerm deleted file mode 100644 index 66018fb..0000000 --- a/debian/postfwd.prerm +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/sh - -set -e - -if [ "$1" = remove ] || [ "$1" = deconfigure ]; then - update-alternatives --remove postfwd /usr/sbin/postfwd1 - update-alternatives --remove postfwd /usr/sbin/postfwd2 -fi - -#DEBHELPER# diff --git a/debian/postfwd.service b/debian/postfwd.service deleted file mode 100644 index 2ca97aa..0000000 --- a/debian/postfwd.service +++ /dev/null @@ -1,15 +0,0 @@ -[Unit] -Description=Postfix firewall daemon -After=network.target -Before=postfix.service - -[Service] -Environment=PIDFILE=/var/run/postfwd.pid -EnvironmentFile=-/etc/default/postfwd -ExecStart=/usr/sbin/postfwd $ARGS --daemon --file $CONF --interface $INET --port $PORT --user $RUNAS --group $RUNAS --pidfile $PIDFILE -ExecStop=/usr/sbin/postfwd --file $CONF --pidfile $PIDFILE --kill -ExecReload=/usr/sbin/postfwd --file $CONF --pidfile $PIDFILE --reload -Type=forking - -[Install] -WantedBy=multi-user.target diff --git a/debian/rules b/debian/rules deleted file mode 100755 index f27e5e3..0000000 --- a/debian/rules +++ /dev/null @@ -1,57 +0,0 @@ -#!/usr/bin/make -f -# written by Jan Wagner -# -# Uncomment this to turn on verbose mode. -#export DH_VERBOSE=1 - -build: build-arch build-indep -build-arch: -build-indep: - -clean: - # removing generated manpage (not initial shipped) - rm -rf man/man8/hapolicy.1 - dh_testdir - dh_testroot - dh_clean - -install: build - dh_testdir - dh_testroot - dh_prep - - # install binaries - install -D -m 644 sbin/postfwd debian/postfwd/usr/sbin/postfwd1 - install -D -m 644 sbin/postfwd2 debian/postfwd/usr/sbin/postfwd2 - install -D -m 644 tools/hapolicy/hapolicy debian/hapolicy/usr/sbin/hapolicy - # install man page - mkdir -p debian/tmp/ - cp man/man8/postfwd.8 debian/tmp/postfwd1.8 - html2text doc/quick.html > debian/tmp/quick.txt - html2text doc/versions.html > debian/tmp/versions.txt - pod2man debian/hapolicy/usr/sbin/hapolicy man/man8/hapolicy.1 - -# Build architecture-independent files here. -binary-indep: build install - dh_testdir - dh_testroot - dh_installchangelogs doc/postfwd.CHANGELOG - dh_installdocs -ppostfwd -Xhapolicy - dh_installdocs -phapolicy tools/hapolicy/hapolicy[0-9a-zA-Z.]* - dh_installexamples - dh_installinit -- defaults 19 21 - dh_installsystemd --no-enable - dh_installman - dh_compress - dh_fixperms - dh_perl - dh_installdeb - dh_gencontrol - dh_md5sums - dh_builddeb - -# Build architecture-dependent files here. -binary-arch: build install - -binary: binary-indep binary-arch -.PHONY: build clean binary-indep binary-arch binary install diff --git a/debian/source/format b/debian/source/format deleted file mode 100644 index 163aaf8..0000000 --- a/debian/source/format +++ /dev/null @@ -1 +0,0 @@ -3.0 (quilt) diff --git a/debian/source/options b/debian/source/options deleted file mode 100644 index b746363..0000000 --- a/debian/source/options +++ /dev/null @@ -1 +0,0 @@ -extend-diff-ignore = '(^|/)(\.travis\.yml|\.git|\.github|\.gitgnore|config\.sub|config\.guess)' diff --git a/debian/watch b/debian/watch deleted file mode 100644 index 191f206..0000000 --- a/debian/watch +++ /dev/null @@ -1,2 +0,0 @@ -version=4 -https://postfwd.org postfwd-(.*)\.tar\.gz